Phishing Attack Warning 22nd May

Some users may see a phishing warning when entering the CMS, particulary in Chrome, and it may last a few days. 

The underlying issue was dealt with quickly but we need to wait for google staff to disable the warning mesage.

What To Do

Please ignore the error message, or use a different web browser for the next few days.

Consider using our alternative CMS web addresses

Do you need to be alarmed?

No, it's ok to proceed through that warning and enter our CMS... It's not a phishing attack when you are doing your normal business with us. 

What actually happened? 

The phishing attack is related to 2 very specific trial website files that were merely shared on the internet with others. 

Website builder is in the business of allowing people to create websites and upload files. Quite often, some users attempt to create phishing websites using our trial web spaces.

Every day we attempt to clean out all the spam/hacker trial sites, but human error can prevail.

We created a warning message for people who access a trial website from any other source than the CMS. 

But in this case, some tricky person found a way to make 1 custom file available on our main cms-tool.net URL, thats the same domain as when you log into the CMS. So now our main URL has been tainted by that single file being shared around the internet. There is nothing wrong with our security, our domain has merely been tarnished in reputation by being associated with the file that should only have been available on a trial website URL. 

In any case, we had deleted the file within 1 hour of being told about it... but by that time it's too late, and google has decided to issue a quarantine notice against our domain.

Rest assured that your websites are safe. We were not hacked. It's just 1 person uploading a file into a trial webspace, and by association we have this issue. 

UPDATE 25th May

Some customers are still reporting this fault even though we have a clean bill of health... 

Checked URL: www.cms-tool.net
Phishing Result:No Match
Malware Result:No Match
Unwanted Result:No Match
Remote Lookup (not part of phpgsb):No Match

Posted: Saturday 23 May 2015

Comments

No messages found!